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DETAILED ACTION 
Response to Amendment 

1 . Claims 19, 20, 21 liave been canceled. 
Claims 32, 33, 34 are newly added. 
Claims 1 - 18, 22 - 34 are pending. 

Specification 

2. The specification is objected to as failing to provide proper antecedent basis for 
the claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01 (o). Correction 
of the following is required: Regarding claim 22, the newly amended claimed subject 
matter "configured to detect a present location from a source " which is not disclosed 
and describe/support explicitly in the specification. Regarding claim 23, the newly 
amended claimed subject matter "configured to transfer information from a source 
....and wherein the source to transfer ..." which is not disclosed and describe/support 
explicitly in the specification. Clarification and correction is required. 

Claim Objections 

3. Claims 28, 32, 33 objected to because of the following informalities: 
Regarding claims 28, 32, 33, the claims are method claims. A method claim 

should consist of steps to perform. Hence, "A method comprising" should be modified 
as "A method comprising steps of:". Appropriate correction is required. 
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Regarding claim 23, the term "a source" should be corrected as "the source". 
Appropriate correction is required. 

Claim Rejections - 35 USC §112 

4. The following is a quotation of the first paragraph of 35 U.S.C. 1 1 2: 

The specification sliall contain a written description of tlie invention, and of tlie manner and process of 
malting and using it, in sucli full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

Claims 22, 23 are rejected under 35 U.S.C. 112, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject matter 
which was not described in the specification in such a way as to reasonably convey to 
one skilled in the relevant art that the inventor(s), at the time the application was filed, 
had possession of the claimed invention. Regarding claims 22, 23, the amended 
claimed-subject matter " a source " was not disclosed Initially and described in the 
specification during the application was filed. Clarification is needed. 

5. The following is a quotation of the second paragraph of 35 U.S.C. 1 1 2: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claim 1 recites the limitation "the gateway" in line 10. There is insufficient 
antecedent basis for this limitation in the claim. 

Claim 2 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. Regarding claim 2, the claimed subject matter "a gateway' is 
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not clear. It is not clear to one of ordinary skill in the art that what is being claimed by 
the applicant which gateway, "a gateway' refers to. Does the applicant mean "a 
gateway" referring to a new gateway in the internal portion of the network of the external 
portion of the network, or "a gateway" referring to a first gateway or a second gateway. 
Clarification is required. 

Claim 17 recites the limitation "the gateway" in line 3. There is insufficient 
antecedent basis for this limitation in the claim. 

Claims 29, 34 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. Regarding claims 29, 34, it not clear to one of 
ordinary skill in the art that where the preamble begins and ends aw well as the main 
body for the claimed subject matters. The claims do not indicate clearly where the 
preamble starts and ends, and the main body for the claimed subjects matters begins 
and ends. Clarification and modification are needed. 

Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 

forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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7. Claims 1 - 13, 15, 17-34 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Kakemizu et al. (US 20020018456 A1) in view of Lee et al. (US 
2002008551 7 A1). 

Regarding claim 1, Kakemizu et al. disclose a network (Fig. 1, Fig. 2, Fig 4) 

comprising: an internal secured portion ("VPN of IP sec." interpreted as internal secured 
portion; Fig. 2, para [0017], Fig. 25, para [0113]); an external portion ("public IP 
network" interpreted as an external portion; Fig. 2, para [0017], Fig. 25, para [0113] ); at 
least one mobile node in the external portion element ("MN 1" interpreted as at least 
one mobile node in the external portion; paragraph [0017]); at least a first gateway (Fig. 
2, "element 21 VPNGW(FA)" interpreted as the first gateway; paragraph [0017]); and at 
least a second gateway ("element 31 VPNGW(HA)" interpreted as a second gateway), 
where the internal secured portion connects via the first gateway and the second 
gateway to the external portion (Fig. 2, Fig. 4, VPN of IP sec." interpreted as internal 
secured portion, "element 21 VPNGW(F A)" interpreted as the first gateway, ("element 
31 VPNGW(HA)" interpreted as a second gateway; Fig. 2, para [0017], Fig. 25, para 
[0113), and the network is configured to change the gateway, which the mobile node 
uses to communicate with the internal secured portion, from the first gateway to the 
second gateway in response to movement of the mobile node (paras.[0113], [0119]- 
[0121]). Kakemizu et al. also disclose care-of-address (para. [0100]). 

Kakemizu et al. do not disclose explicitly in response to a receipt from the mobile 
node of a new care- of-address that is different from a first care-of-address. 
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Lee et al. in the same field of endeavor teach in response to a receipt from the 
mobile node of a new care- of-address that is different from a first care-of-address 
("using a newly allocated COA"; para. [0043]). 

At time the invention was made it would have been obvious to a person of 
ordinary skill in the art to modify the teachings of Kakemizu et al. to include the features 
of in response to a receipt from the mobile node of a new care- of-address that is 
different from a first care-of-address as taught by Lee et al. One of ordinary skill in the 
art would be motivated to do so for providing a gatekeeper supporting a handoff in an IP 
telephony system (as suggested by Lee et a!., see para. [0036]). 

Regarding claim 2, Kakemizu et al. disclose a network as claimed further 
configured to transfer context information usable by a gateway in communications with 
the mobile node, to the second gateway (Fig. 25, paragraptis [011 4], [0115]). 

Regarding claim 3, Kakemizu et al. disclose a network as claimed wherein the 
context information includes an identifier of the mobile node ("care-of-address" 
interpreted as context information includes an identifier of tlie mobile node; paras 
[0004], [0100]). 

Regarding claim 4, Kakemizu et al. disclose a network as claimed wherein the 
identifier is a home address of the mobile node ("home address"; paras [0004], [0100]). 

Regarding claim 5, Kakemizu et al. disclose a network as claimed wherein the 
context information includes material for defining secure communication means by 
which information is transferable securely between the mobile node in the external 
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portion of tlie networl< and tlie internal secured portion of the network, via the second 
gateway (paras [0017], [0024], Fig. 2, Fig. 27). 

Regarding claim 6, Kakemizu at al. disclose a network as claimed wherein the 
secure communication means is a security association pair between the second 
gateway and the mobile node (Fig. 27, "position registration request message (l-IAR), 
and "position registration response (HAA)" interpreted as secure communication means 
is a security association pair; paras [0128], [0129). 

Regarding claim 7, Kakemizu et al. disclose a network as claimed wherein the 
context information is transferred from a location that is physically separate from the first 
gateway ("element 23 AAAF"; Fig. 27, paras [0127], [0129]). 

Regarding claim 8, Kakemizu et al. disclose a network as claimed further 
configured to transfer information to the mobile node for enabling communications 
between the mobile node and the second gateway (Fig. 27, para [0129]). 

Regarding claim 9, Kakemizu et al. disclose a network as claimed wherein the 
information transferred to the mobile node enables secure communication means by 
which information is transferable securely between the mobile node in the 
external portion of the network and the internal secured portion of the network, via the 
second gateway ("elements "Reg Req 1, and Reg Rep 8 and autlientication request 
message , AMR" interpreted as the information transferred to the mobile node enables 
secure communication means; Fig. 27, paras [0127]-[0129]). 

Regarding claim 10, Kakemizu et al. disclose a network as claimed wherein the 
secure communication means is a security association pair between the mobile node 
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and the second gateway {Fig. 27, "position registration request message (HAR), and 
"position registration response (HAA)" interpreted as secure communication means is a 
security association pair; paras [0128], [0129]). 

Regarding claim 11, Kakemizu at al. disclose a networl< as claimed wherein the 
information transferred to the mobile node comprises an address of the second gateway 
(Fig. 27, para. [0128]). 

Regarding claim 12, Kakemizu et al. disclose a network as claimed wherein the 
information transferred to the mobile node is transferred between the first gateway and 
the mobile node using an existing security association between the mobile node and the 
first gateway (elements "Reg Req 1, and Reg Rep 8 and authentication request 
message , AMR" interpreted as the information transferred to the mobile node is 
transferred between the first gateway and the mobile node; Fig. 27, paras [0127]- 
[0129]). 

Regarding claims 13, 15, Kakemizu et al. disclose a network as claimed 
wherein the second gateway comprises one or more databases which are updated to 
enable the internal secured portion of the network and the mobile node in the external 
portion of the network to communicate via the second gateway ("element 34 VPN 
database"; Fig. 27, paras [0128], [0129]). 

Regarding claim 17, Kakemizu et al. disclose a network as claimed further 
configured to detection means for detecting a present location of the mobile node and 
initiate a change in the gateway through which the mobile node communicates with the 
internal secured portion of the network, from the first gateway to a better gateway 
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(element 33 AAAH" interpreted as the location detection means; Fig. 25, Fig. 26, paras 
[0119]-[0121). 

Regarding claim 18, Kakemizu et al. disclose a network as claimed wherein the 
better gateway is better because it is either closer to the mobile node or it is optimal for 
routing existing sessions (Fig. 13, paras [0080], [0081]). 

Regarding claim 22, Kakemizu et al. disclose a network as claimed further 
configured to detect a present location from a source that is separate from the first 
gateway ("element 33 AAAH" interpreted as configured to detect a present location from 
a source tliat is separate from the first gateway (VPHGW(HA) interpreted as first 
gateway); Fig. 25, Fig.26, paras [Oil 9]-[01 21]). 

Regarding claim 23, Kakemizu et al. disclose a network as claimed further 
configured to transfer information from a source that is physically separate from the first 
gateway and wherein the source to transfer information and the source to detect a 
present a present location are housed together (Fig. 6, paras [0071], [0072]). 

Regarding claim 24, Kakemizu et al. disclose a network as claimed wherein 
the first gateway and the second gateway are in distinct physically separated 
segments of the network (VPNGW(FA) interpreted as first gateway which is located at 
roaming-contracted ISP network, and VPNGW(HA) interpreted as second gateway 
which is located at HOME ISP; Fig. 25, Fig. 26). 

Regarding claim 25, Kakemizu et al. disclose a network as claimed wherein 
the mobile node communicates with the internal secured portion of the network via 
the first gateway and also via the second gateway simultaneously for a transition 
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period, before communicating via the second gateway only {Fig. 26, paras [0120]- 
[0121]). 

Regarding claim 26, Kakemizu et al. disclose a network as claimed wherein 
the mobile node is involved in a session with a correspondent node (para [0128]). 

Regarding claim 27, Kakemizu et al. disclose a network as claimed wherein the 
correspondent node is located in the internal secured portion of the network and the 
mobile node is located in the external portion of the network ("CN" interpreted as 
correspondent node is located in the internal portion of the network; "MN 1 " interpreted 
as the mobile node is located in the external portion of the network; Fig. 2, Fig. 26). 

Regarding claim 28, Kakemizu et al. disclose a method comprising: determining 
when a first serving gateway through which a mobile node communicates from an 
external portion of a network with an internal secured portion of the network, is 
suboptimal (Fig. 13, paras [0080], [0081]); identifying a second gateway ("reads the 
address of the VPNGW"; paras [0080], [0081]); and in response to the mobile node 
moving (Fig. 26, paras. [01 19]), and transferring the point the gateway through which 
the mobile node communicates with the internal portion of the network from the first 
serving gateway to the second gateway (Fig. 26, paras. [0119]- [0121]), except 
sending a new care-of-address that is different from a first care-of-address to the first 
serving gateway. 

Kakemizu et al. do not disclose explicitly sending a new care-of-address that is 
different from a first care-of-address to the first serving gateway. 
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Lee et al. in the same field of endeavor teach sending a new care-of-address that 
is different from a first care-of-address to the first serving gateway ("using a newly 
allocated COA"; para. [0043]). 

At time the invention was made it would have been obvious to a person of 
ordinary skill in the art to modify the teachings of Kakemizu et al. to include the features 
of sending a new care-of-address that is different from a first care-of-address to the first 
serving gateway as taught by Lee et al. One of ordinary skill in the art would be 
motivated to do so for providing a gatekeeper supporting a handoff in an IP telephony 
system (as suggested by Lee et al., see para. [0036]). 

Regarding claim 29, Kakemizu et al. disclose a mobile node (Fig. 1, Fig. 2, Fig. 
4) configured to receive, via a first secure communication means, an identifier of a 
second gateway (Fig. 27, paragraph [0128]); and further configured to change from 
communicating with the internal secured portion of the network through the first gateway 
to communicating via the second gateway (Fig. 27, paragraphs [01 28]-[0129]),except in 
response to moving and sending a new care-of-address that is different from a first 
care-of- address to the first gateway. 

Kakemizu et al. do not disclose explicitly in response to moving and sending a 
new care-of-address that is different from a first care-of- address to the first gateway. 

Lee et al. in the same field of endeavor teach in response to moving and sending 
a new care-of-address that is different from a first care-of- address to the first gateway. 
("using a newly allocated COA"; para. [0043]). 
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At time the invention was made it would have been obvious to a person of 
ordinary skill in the art to modify the teachings of Kakemizu et al. to include the features 
of in response to moving and sending a new care-of-address that is different from a first 
care-of- address to the first gateway. 

as taught by Lee et al. One of ordinary skill in the art would be motivated to do so for 
providing a gatekeeper supporting a handoff in an IP telephony system (as suggested 
by Lee et al., see para. [0036]). 

Regarding claim 30, Kakemizu et al. disclose a mobile node as claimed further 
comprising means for using a first secure communication means by which information is 
transferable securely between the internal portion of the network and the mobile node 
via the first gateway, to receive the identifier of the second gateway (elements "Reg Req 
1, and Reg Rep 8 and authentication request message , AMR" interpreted as the 
information transferred to the mobile node is transferred between the first gateway and 
the mobile node; Fig. 27, paragraphs [0127]-[0129]); 

Regarding claim 31, Kakemizu et al. discloses a mobile node as claimed 
further comprising means for using a second secure communication means to 
transfer Information securely between the internal portion of the network and the 
mobile node via the second gateway (Fig. 27, "position registration request message 
(HAR), and "position registration response (HAA)" interpreted as means for using a 
second secure communication means; paragraphs [0128], [0129]). 

Regarding claim 32, Kakemizu et al. disclose a method comprising: 
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moving in an external portion of a networl<, wliere tlie networl< comprises an internal 
secured portion, the external portion, at least a first gateway, and at least a second 
gateway; obtaining a location identifier {Fig. 27, paragraphs [01 28]-[01 29]), Kakemizu et 
al. also disclose where the location identifier comprises a care-of-address ("care-of- 
address"; para. [0100]). 

Kakemizu et al. do not disclose explicitly where the location identifier comprises a 
new care-of-address different from a first care-of-address; sending the new care-of- 
address to the first gateway; and in response to receiving an acknowledgement from the 
second gateway, communicating via the second gateway. 

Lee et al. in the same field of endeavor teach where the location identifier 
comprises a new care-of-address different from a first care-of-address; sending the new 
care-of-address to the first gateway; and in response to receiving an acknowledgement 
from the second gateway, communicating via the second gateway ("using a newly 
allocated COA"; para. [0043]). 

At time the invention was made it would have been obvious to a person of 
ordinary skill in the art to modify the teachings of Kakemizu et al. to include the features 
of where the location identifier comprises a new care-of-address different from a first 
care-of-address; sending the new care-of-address to the first gateway; and in response 
to receiving an acknowledgement from the second gateway, communicating via the 
second gateway as taught by Lee et al. One of ordinary skill in the art would be 
motivated to do so for providing a gatekeeper supporting a handoff in an IP telephony 
system (as suggested by Lee et al., see para. [0036]). 
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Regarding claims 33, 34, Kakemizu et al. disclose a method comprising and an 
apparatus configured to (Fig. 1 , Fig. 2, Fig. 4): updating a location database in order to 
change an identification of a gateway that the mobile node uses to communicate from 
an external portion of the network to an internal secured portion of the network (paras. 
[0113], [0119]-[0121]), except receiving a new care-of-address that is different from a 
first care-of-address from a mobile node that has moved in a network. 

Kakemizu et al. do not disclose explicitly receiving a new care-of-address that is 
different from a first care-of-address from a mobile node that has moved in a network. 

Lee et al. in the same field of endeavor teach receiving a new care-of-address 
that is different from a first care-of-address from a mobile node that has moved in a 
network (para. [0043]). 

At time the invention was made it would have been obvious to a person of 
ordinary skill in the art to modify the teachings of Kakemizu et al. to include the features 
of receiving a new care-of-address that is different from a first care-of-address from a 
mobile node that has moved in a network as taught by Lee et al. One of ordinary skill in 
the art would be motivated to do so for providing a gatekeeper supporting a handoff in 
an IP telephony system (as suggested by Lee et al., see para. [0036]). 

8. Claims 14, 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Kakemizu et al. (US 20020018456 Al) and Lee et al. (US 20020085517 Al) as applied 
to claims 1, 13, 15 above, and further in view of Shapira et al. (US 7107464 B2). 
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Regarding claims 14, 16, Kakemizu et al. disclose a network as claimed 
wherein the second gateway comprises one or more databases ("element 34 VPN 
database"; Fig. 27, paras [0128], [0129]). 

Kakemizu et al. and Lee et al. do not disclose explicitly wherein the one or more 
databases are a security policy database and a security association database. 

Shapira et al. in the same field of endeavor teach wherein the one or more 
databases are a security policy database and a security association database ("a 
security association database (SAD)"; col. 6, lines 47 - 54, "Security Policy Database 
(SPD)"; col. 14, lines 39 - 48). 

At time the invention was made it would have been obvious to a person of 
ordinary skill in the art to modify the teachings of Kakemizu et al. and Lee et al. to 
include the features of wherein the one or more databases are a Security Policy 
Database and a Security Association Database as taught by Shapira et al. One of 
ordinary skill in the art would be motivated to do so for providing a mechanism for 
implementing virtual private networks (VPNs) incorporating a security association 
database and associated processor (as suggested by Shapira et al., see col. 1, lines 8 - 
11). 

Response to Arguments 

9. Applicant's arguments filed on 1 2/08/2008 with respect to claims 1 - 9, 22 - 34 
have been considered but are moot in view of the new ground(s) of rejection. 
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Regarding amended claims 1, 28, applicant argues tliat reference fails to 
disclose "the network is configured to change the gateway, which the mobile node uses 
to communicate with the internal secured portion, from the first gateway to the second 
gateway in response to movement of the mobile node and in response to a receipt from 
the mobile node of a new care- of-address that is different from a first care-of-address, 
see applicant's remark page 15, 17. 

In response to Applicant's remark/argument, Examiner respectfully 
disagrees with the remark/argument addressed above since the new grounds of 
rejection set forth below clearly disclosed that the combined system of Kakemizu et al. 
and Lee et al. teaches the applicant claimed invention and subject matters. 

Examiner interpreted "the network is configured to change the gateway, which 
the mobile node uses to communicate with the internal secured portion, from the first 
gateway to the second gateway in response to movement of the mobile node" as when 
the MN 1 of the user has moved between different domains 2 and 2', the user transmits 

a registration request (Reg Req) in a procedure (AAAH) (AAAF),... , see reference 

Kakemizu et al., paras. [01 19] - [0121], and interpreted in response to a receipt from 
the mobile node of a new care- of-address that is different from a first care-of-address 
as "using a newly allocated COA"; see Lee et al. para. [0043]. 

Conclusion 

10. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 
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a) Jing et al. (US 7298847 B2). 

b) Xuetal. (US 6738362 B1). 

c) Aminetal. (US 6714987 B1). 

1 1 . Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

12. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Andrew C. Lee whose telephone number is (571 )272- 
3131 . The examiner can normally be reached on Monday through Friday from 8:30am - 
5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached on (571) 272-7884. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Andrew C Lee/ 
Examiner, Art Unit 2419 
<2/09/2009:2Qy09> 



/Edan Orgad/ 

Supervisory Patent Examiner, Art Unit 2419 



